MITRE Releases Fight Fraud Framework

The non-profit MITRE Corporation on Thursday released a new framework to help organizations fight fraudsters.  MITRE’s Fight Fraud Framework (MITRE F3) is a curated knowledge base that provides a behavior-based model of the tactics, techniques, and procedures (TTPs) fraudsters employ, informed by real-world attacks. “These incidents involve the intentional use of deceptive or illegal practices to fraudulently obtain money, assets, or information from individuals or institutions, and include actions carried out over cyber channels,” MITRE says. The framework offers a common structure and taxonomy describing cyber fraud incidents and is meant to enable stronger collaboration on fraud detection, prevention, and response. The analyst-developed knowledge base was designed as a structured, transparent, and operationally relevant resource that is globally accessible, open, and free for use. MITRE F3 details behaviors that are not included in the ATT&CK framework by introducing two fraud-specific tactics. These include positioning, which includes the post-compromise actions aimed at collecting and manipulating data and preparing follow-up execution, and monetization, which involves the activities threat actors perform to convert the compromised assets into usable value. “These additions capture the uniqueness of fraud where success depends on moving and extracting value, not just gaining access. By capturing those stages, F3 allows defenders to trace fraud activity from initial compromise through financial impact,” MITRE notes. The framework also changes the definition of tactics that already exist in ATT&CK, such as reconnaissance, resource development, initial access, defense evasion, and execution. MITRE Fight Fraud Framework (F3) “This structure creates a shared language that allows cyber and fraud defenders to enumerate the material events in a fraud incident, connect cyber activity to financial outcomes, and align detection, prevention, and response strategies,” MITRE explains. In addition to launching a website for the framework, MITRE published a visual representation of the described tactics, along with details on the F3 design principles and methodology, and information on how it can be used. Additional resources are available in a GitHub repository that also provides details on how interested parties can get involved with the project. Related: MITRE Launches New Security Framework for Embedded Systems Related: MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities Related: MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile, ICS Related: MITRE Unveils AADAPT Framework to Tackle Cryptocurrency Threats WRITTEN BY Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. More from Ionut Arghire Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities Google Warns of New Campaign Targeting BPOs to Steal Corporate Data 300,000 People Impacted by Eurail Data Breach RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years FBI: Cybercrime Losses Neared $21 Billion in 2025 Evasive Masjesu DDoS Botnet Targets IoT Devices Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover Trent AI Emerges From Stealth With $13 Million in Funding Latest News Orthanc DICOM Vulnerabilities Lead to Crashes, RCE Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000 Critical Marimo Flaw Exploited Hours After Public Disclosure Google Rolls Out Cookie Theft Protections in Chrome Microsoft Finds Vulnerability Exposing Millions of Android Crypto Wallet Users Apple Intelligence AI Guardrails Bypassed in New Attack Can We Trust AI? No – But Eventually We Must Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access Trending Webinar: Securing Fragile OT In An Exposed World March 10, 2026 Get a candid look at the current OT threat landscape as we move past "doom and gloom" to discuss the mechanics of modern OT exposure. Register Webinar: Why Automated Pentesting Alone Is Not Enough April 7, 2026 Join our live diagnostic session to expose hidden coverage gaps and shift from flawed tool-level evaluations to a comprehensive, program-level validation discipline. Register People on the Move Black Duck has named Dom Glavach as Chief Information Security Officer. Finite State has named Ann Miller as Vice President of Marketing. Yael Nardi has joined Minimus as Chief Business Officer. More People On The Move Expert Insights The Hidden ROI Of Visibility: Better Decisions, Better Behavior, Better Security Beyond monitoring and compliance, visibility acts as a powerful deterrent, shaping user behavior, improving collaboration, and enabling more accurate, data-driven security decisions. (Joshua Goldfarb) The New Rules Of Engagement: Matching Agentic Attack Speed The cybersecurity response to AI-enabled nation-state threats cannot be incremental. It must be architectural. (Nadir Izrael) The Next Cybersecurity Crisis Isn’t Breaches—It’s Data You Can’t Trust Data integrity shouldn’t be seen only through the prism of a technical concern but also as a leadership issue. (Steve Durbin) Why Agentic AI Systems Need Better Governance – Lessons From OpenClaw Agentic AI platforms are shifting from passive recommendation tools to autonomous action-takers with real system access, (Etay Maor) The Human IOC: Why Security Professionals Struggle With Social Vetting Applying SOC-level rigor to the rumors, politics, and 'human intel' can make or break a security team. (Joshua Goldfarb) Flipboard Reddit Whatsapp Email